The many ways to obtain credentials in AWS
Dive into the complexities of AWS IAM credentials and uncover how defenders can stay ahead with in-depth knowledge of SDK behaviors and service-specific mechanisms.
Scott Piper works on Wiz's Threat Research team where he analyzes risks within AWS environments. Prior to that, he worked on Block's Cloud Security team and as a cloud security consultant prior to that. He helps organize the fwd:cloudsec conference, admins the Cloud Security Forum Slack, and maintains a number of resources in his role as the Internet's cloud security historian. His more popular projects have been the open-source tool CloudMapper and the CTF flaws.cloud.
Dive into the complexities of AWS IAM credentials and uncover how defenders can stay ahead with in-depth knowledge of SDK behaviors and service-specific mechanisms.
AWS re:Invent 2024 brought an avalanche of announcements, with over 500 updates since November. Let's spotlight the most impactful ones for security teams, from Resource Control Policies to centrally managed root access.
Unlock the Power of AWS Resource Control Policies: Enforce Security and Streamline Governance Across Your Organization.
Detect and mitigate CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177 vulnerabilities impacting CUPS and IPP packages.
This feature of caching services can result in unexpected behavior. Here's how to prevent sensitive data from being accidentally exposed.
Advice for tackling and completing these major projects, including metrics, alerts, and prevention strategies.
Wiz Threat Research recently spotted a new phishing campaign targeting AWS accounts.
We explore “proof-of-storage" cryptocurrencies like Chia, the potential for proof-of-storage cryptojacking attacks, and steps defenders can take to detect them.
Wiz cloud security researcher, Scott Piper, suggests measures organizations can adopt to ensure secure defaults on AWS and improve their security posture.
Learn about the process of preventing security issues by changing things outside of your environment by looking at how a misconfiguration was occurring when Github Actions were integrated with AWS IAM roles and the improvements made that have now made this misconfiguration much less likely.
Learn about the impact in cloud environments of CVE-2023-20593, a cross-process information leak vulnerability in AMD Zen 2 Processors.
In the earlier posts in this series, we showed not only how to get rid of unused access keys, but also how to minimize risk by applying a least-privilege strategy. In this final post, we’ll at last get into the discussion of alternative solutions to using access keys.
In the previous post in this series, we discussed how to do some basic cleaning of AWS access keys. In this post, we’ll show how to reduce the privileges in order to mitigate their risk.
Learn how to identify unused and unnecessary long-lived IAM User access keys.
Service Control Policies (SCPs) can be a great way to prevent actions from happening in AWS accounts. In this post, we will illustrate a specific use case of SCPs that protects the security baseline, or landing zone, configuration you’ve created for accounts
Wiz's State of the Cloud 2023 report provides analysis of trends in cloud usage such as multi-cloud, use of managed services and more. In addition, the report highlights notable cloud risks based on insights from 30% of Fortune 100 enterprise cloud environments
Learn about how AWS's recently released Delegated Administrator for AWS Organization can be used to solve common problems at your company and the issues you might run into with it.
Detect and mitigate CVE-2022-27518, a Citrix ADC and Gateway unauthenticated RCE 0-day exploited in the wild by a nation state actor. Organizations should patch urgently.
AWS re:Invent is the largest conference of the year for Amazon Web Services (AWS) with hundreds of talks. We picked our favorite cloud security talks that are available online.